Never heard of that.

Yes, it's very normal.

I believe Goldins is down as well. Must be those pesky Ruskies again. For us dedicated collectors, this is tatamount to War.

Ship them all of your junk wax all at once!!@

Thanks; glad you're tracking it.

I'll be very interested to see the analysis of the vector of attack used by the hackers, which auctions sites were affected and what types of personal data was potentially exposed.

Hopefully Bob will provide clarity about what happened and which sites were affected.

Whether the hackers use thst information, or not, is immaterial. Customers should have the opportunity to manage their risks from the attack.

Personally, I can't condone paying the ransom. If someone steals the keys to my front door, I'm not going to pay them to get the keys back. I'm going to call the locksmith and move on.

If a appropriate backups existed, then there should have been no need to pay any ransom. I'll be reconsidering my patronage of any AH using SimpleAuctionSite as a result.

I too am in IT. I’ve said this before on this board. If I do the forget my password thing, I’ve had emails sent to me with my password in it. Not the way it’s supposed to be handled and I get very leery about that auction house and cloud provider when that happens.

Theoretically, all the hackers should be able to get from an auction site would be your contact info and purchase history. Your credit card and password info SHOULD be stored in encrypted format. If it's not, the auction host should be put out of business. Period.

As for restoring from backups, it's not always that simple. Yes, you would hope you can restore from a clean backup but that's not always possible.

Anyone hearing an update on the timing of auction open?

Ive received a number of emails from different AH who have delayed opening from yesterday afternoon until it appears Wednesday now.

That's not the right analogy. It's more like the hackers called the locksmith and changed the locks, and they have the only key to your house.

Bill

those hacker normally demand $50k bitcoin as far as I know.

Monday

The latest update is Wednesday for the sites that have auctions running, and the rest follow after they are up. Not sure how long it will all take but that is what information we are getting.

Lee

National Card Investors
 

Simple Auction runs my site as well. I had an auction end last Wednesday and the site went down Friday. I was able to email all of my invoices to all winning bidders before it went down. I sent out direct emails to each winning bidder that had not paid to to let them know what was going on. I had to type in their emails from their printed invoices. Now if they choose they can pay by check as the ability to pay through PayPal is down with the site down. All of the customer information as far as I know (name, address, email, phone) is stored on a separate I Contact account. I am patiently waiting for my site and auction site to come back up. Jeff Weisenberg

Jeff, thanks for the info. When a dealer bids in your auctions and is eligible to forego paying sales tax, how do you handle their request for a sales tax exemption? Specifically, do you request their SSN, and is that info stored on the servers that were hit, or, would the application with SSN have been emailed back to you on an email account that was hit?

An appropriate ransom and far better than thermonuclear war.

So Weds has come and gone and many Sites still down:

SCP
MEARS
Sterling
Goldin

If the hackers don't work on weekends maybe they take the holiday season off, too.

That's a good point, they may even be using up their vacation days if it's "use 'em or lose 'em".

So these Sites may be down until a week from Monday.

A few more to add to the list. I'm sure there are others but thee are ones I have saved

LOTG
Collect Auctions
Sirius

Brockelman Auctions
Kevin Savage Cards
National Card Investors

This was my thoughts exactly. They probably took these 2 weeks off for Christmas and New Years to be with their families.


Sent from my iPhone using Tapatalk

According to bobfreedman in post #49, they have the decryption keys and are waiting for the decryption process to complete. But that assumes a couple of things:

1. The decryption works without issue and important files weren't corrupted in the process
2. The hackers haven't added any backdoors or embedded any other hacks


A forensic analysis of the restored machines will be necessary to double check everything. Thiat takes time. Presumably at thst point each AH needs to review they're own setup.

I hope a that point we get full transparency about what personal data was exposed.

Hey on the positive side if we ever want to buy a car.....or a place in Russia they will already have our info on file. So we got that going for us.

Just for the record. I know many Russian people, and they are nice, honest, intelligent, funny people like everyone else.

For most countries, don't mistake the politicians/government or criminals for the regular citizens. Especially in a borderline-dictatorship such as Russia.

VSA update
 

I just got this update from VSA:

VSA Auction *UPDATE on Re-Start* For Auction That Was Paused last Thursday Evening

Targeted Re-Start for Wednesday 12/30 at 9:00 PM CST/10:00 PM EST (Assuming There Are No Unforeseen Setbacks)

Our auction host, Simple Auction Site, has notified us as well as the other 150+ auction sites this afternoon that they are continuing to work through all the issues and are in the final stage of getting us all up and running again but, as it turns out, they had to go in to each website and manually apply "fixes" to each one individually. That has slowed the process a bit but they are working towards bringing us up as quickly and safely as possible. It's been a tedious process but the team at Simple Auction has been working diligently around the clock (even through the holiday) to get all the sites back online while maintaining security. We happened to be one of the most affected sites given we were in the midst of an auction and in the 30 minute countdown phase so ours will be given priority. Shortly after the site goes live, we will confirm the functionality and immediately schedule the re-start time. Assuming there are no unforeseen setbacks, we are now targeting the re-start for Wednesday 12/30 at 9:00 PM CST/10:00 PM EST. The re-start time will be highlighted on the top banner across each auction page and all bidders & consignors will be notified immediately via e-mail/phone/text once the site is live.

** Due to the fact that this outage occurred after we had already entered into the extended bidding session, bidders will still be allowed to bid on the lots that they had previously placed a bid on prior to 11:00pm CST once we resume the auction. To be clear, if you had NOT placed a bid prior to 11:00pm CST on the individual lot, you won't be able to place a bid on on that lot when the auction resumes. You will be able to access your account once the site is restored to view the lots you are still eligible to bid on. We sincerely apologize for this inconvenience and greatly appreciate your patience and understanding. **

Sterling appears to be open, but I got an error message when I tried to place a bid

Still errors out -

Compilation Error
Description: An error occurred during the compilation of a resource required to service this request. Please review the following specific error details and modify your source code appropriately.

Compiler Error Message: CS1056: Unexpected character ''

Source Error:


Line 1: )%
Áú"Ù®ý-)zewγÿÚÓ’BÑ
q™Â 
Line 2: 0ùû§zB÷'*GlÈòÛçäFí´M³’Ú´ºxìU]Qh¬–ÂMŒÉf³>—ÿ-d—ÇÛíü�&Pý)DEïÖ…3Å6÷Ùˆ„ÄÆèƒã<†ÕýÙ©šaZžkHñËTzY𿱉Óûüe�Ð�UÛq Ì�#T%8ƒÑ�¹U'ÌcZ‚'þ·y‚VÝÿ“„g&¶”6Ï`–u�|ßÚ-×vL
ŽuUŠ/*ûAÔTwBb!Ù ªzì—Ÿ±í²¦Mý‘úxû'¤D:¶½Ø¡ÆE�?û5Ù&Ûó�60„½´Öü 3Uh—zÊ膉$—ê%éM™ç\íED‰¥î®—øV¸?Sž�Èää+4å=k#‹.<ã-:FµÚ#‰@f¡…GGt:Ç–¯‰œG�
Line 3: lÁMrÁ7
,"�”ìÚùŠ$Iì”*RdŒtétûÕ¡U€jùkì³P˜O<·ò? ³N*$ÝkW=sbAbÎ&ÍÅ…Ÿåä³ÐÑ€JȪû+zº/ÍËUnœ2ªk5¤ÊãÍ"V,âîû˜(b¿�O£ân´4‘VÀtŒ>£ä*Âtå*I�Å]~ØI;�ŒAAx³ÌdŒ¬d–™™EŠ›LW˜Æfרö—Çæex<›#)F&R^@>ñÕÿ.?R
„› µª–x=C]!wu™À€žlØÎ’«O+„ž\悸¬-Š¯{§OòI¨~_¶}*µ¥%xÿƒ�Áç 'ëu¶Ï§HÃÿêøÔ¾çÿðï„´x£ÒŽÖVK¢Öb?$›†l·ýpòIÏ7FV3òÌ ¥•*«²9´—Å£t ´ãÄÛñåTFÇ€du%


Source File: \\iisfiles\f_wwwroot\sterlingsportsauctions.com\ww wroot\AgreeToTerms.aspx.cs Line: 1

It says DO NOT bid in the auction on the opening page.

Please do NOT Bid in the Current Sterling Sports Auctions at this time.

The site is back up, but the auction was not suppose to be started. Please do NOT bid at this time. The whole auction was not ready to start. The changes need to be made by Simple Auctions to rectify this situation.

At the current time I am looking to start the auction in January (probably on the 14th). This is due in part to more consignments that came in and I want to give the web host time to work out any bugs that may occur.

In the mean time The preview will stay up to view and I will keep you updated with any other details.

If any one has any consignments they would like to get into the auction please let me know.

Thanks for your patience,

Lee Behrens
320-219-1372

Needless to say, with a big front page "do not bid" splash, my Sterling consignments already have three bids. American Idiots at their finest...

I'd suggest everyone get in there today and change your password. Same with every other SAS site as it is restored.

A few bidders got in before the notice was sent. I like that they found it open but glitches need to be fixed before the auction gets up and running.

Thanks

Lee

It appears that the site is back into Preview mode.

I have decided to launch on January 14th in part to make sure there are no more glitches and to add more lots.

If you have any other consignments you would like to add please let me know.

Thanks for your support of Sterling,

Lee